1. Field of the Invention
The present invention relates to a secure download and security function execution method and apparatus and, in particular, to a method and electronic device for executing a secure download and security function in such a way of authenticating signature information of a specific user configured in receiving a binary update request of the electronic device and authenticating specific information of the signed binary in executing a function included in the binary.
2. Description of the Related Art
With the popularity of mobile devices like smartphones and tablet Personal Computers (PCs) and the diversification of application programs, the mobile device usage environment is becoming similar to that of the PC.
In this respect, the damage caused by malicious code has increased dramatically.
Also, as the application fields requiring a high security level, like electronic payment functions, are diversified, the interest and requirement in security of smartphones grows.
Particularly, the open source platform such as Android Operating System (OS) is vulnerable to external attacks and malicious applications distributed through low-security application stores and, recently, many sensitive private information leakage accidents based on illegal acquisition of the trust root information of the platform have been reported.
Since such security vulnerability hampers the widespread use of the smart devices in public fields requiring a high security level, research is being conducted to reinforce the mobile OS security and, as one effective solution, System on Chip (SoC) supports security booting based on a digital certificate and a digital signature in the booting process.
The recent SoC guarantees basic security in the form of a secure boot chain in the booting process.
In order to accomplish this aim, a conventional technology has been disclosed in Korean Patent Laid-open No. 10-2002-0092222 which proposes a secure booting method for protection from booting with an unauthenticated boot image.